Passwords. Get an idea of how long it will take to crack yours.

[ots3go]

Using an example for my password scheme:
Online Attack Scenario:
(Assuming one thousand guesses per second) 1.28 hundred billion trillion centuries
Offline Fast Attack Scenario:
(Assuming one hundred billion guesses per second) 1.28 thousand trillion centuries
Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second) 1.28 trillion centuries

 

[atpbx]

92.6 years in an online attack.
29.2 seconds off line.
0.29 seconds with a massive cracking array.

You would have to be pretty bored to go to those lengths to crack my PC.

 

[ots3go]

What does concern my out of this is that some websites limit your password length...

This makes it all the more obvious why that's a pretty stupid thing to do.

 

[DJMK4]

Here is the output for my network / server password at home

Online Attack Scenario:
(Assuming one thousand guesses per second) 1.49 hundred thousand trillion centuries
Offline Fast Attack Scenario:
(Assuming one hundred billion guesses per second) 1.49 billion centuries
Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second) 1.49 million centuries

 

[metbandit1]

Online Attack Scenario:
(Assuming one thousand guesses per second) 1.04 billion centuries
Offline Fast Attack Scenario:
(Assuming one hundred billion guesses per second) 10.43 centuries
Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second) 1.04 years

 

[MooMoo444]

91.92 thousand trillion centuries from the massive cracking array

I feel suitably secure

However, the machine may guess your comination at some point during the first day

 

[d_brennen]

Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second) 7.83 hundred billion centuries

y0

 

[Admiral Huddy]

91.92 thousand trillion centuries from the massive cracking array

I feel suitably secure

I'll get started..

AAAAAA
AAAAAB
AAAAAC
AAAAAD
etc..

Time Required to Exhaustively Search this Password's Space:
Online Attack Scenario:
(Assuming one thousand guesses per second) 2.71 hundred thousand centuries
Offline Fast Attack Scenario:
(Assuming one hundred billion guesses per second) 3.25 months
Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second) 2.37 hours

2 hours for one I use for work. Strange, best keep that from the auditors or they'll increase the password policy rules

 

[Cosimo]

Women are real easy:

6.91 years
2.17 seconds
0.00217 seconds

 

[Admiral Huddy]

Women are real easy:

6.91 years
2.17 seconds
0.00217 seconds

Just typed in "Woman":

Time Required to Exhaustively Search this Password's Space:
Online Attack Scenario:
(Assuming one thousand guesses per second) 4.49 days
Offline Fast Attack Scenario:
(Assuming one hundred billion guesses per second) 0.00388 seconds
Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second) 0.00000388 seconds

If only it was that simple.. I have no idea what goes on in my wife's head..Ignorance is bliss.

 

[Burnsy2023]

Cute example, but you neglect the shortcuts which can be taken by testing dictionary words.

It depends on the words you string together and the breakers you use in between or around.

Which shortcuts could be used on three or more words concatenated together?

 

[Ace Modder]

Online Attack Scenario:
(Assuming one thousand guesses per second) 33.22 centuries
Offline Fast Attack Scenario:
(Assuming one hundred billion guesses per second) 17.41 minutes
Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second) 1.04 seconds

 

[izzop]

Pretty secure....

Online Attack Scenario:
(Assuming one thousand guesses per second)
1.74 hundred billion centuries

Offline Fast Attack Scenario:
(Assuming one hundred billion guesses per second)
1.74 thousand centuries

Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second)
1.74 centuries

Or at least I was until I used this site

 

[Begbie]

Must change my passwords;

Online Attack Scenario:
(Assuming one thousand guesses per second) 33.22 centuries
Offline Fast Attack Scenario:
(Assuming one hundred billion guesses per second) 17.41 minutes
Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second) 1.04 seconds

Our work gives us our password as a security measure, we never get to choose our own. (think this is quite common now?) According to this site;

Online Attack Scenario:
(Assuming one thousand guesses per second) 1.80 centuries
Offline Fast Attack Scenario:
(Assuming one hundred billion guesses per second) 56.47 seconds
Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second) 0.0565 seconds

 

[lookitsjonno]

meanwhile this site is logging passwords and adding them to passwords.db

 

[Dj_Jestar]

No it's not. You can view your browser's traffic and see that nothing is sent after the page load.

 

[wez130]

1.04 years in massive cracking array

 

[shadow_boxer]

My standard password for email and online shopping accounts,

Online Attack Scenario:
(Assuming one thousand guesses per second) 1.83 billion centuries

 

[Luke]

Our work gives us our password as a security measure, we never get to choose our own. (think this is quite common now?) According to this site;

No site given, but that strikes me as a significant security risk as either someone else knows your password in order to give it to you, or it is randomly generated meaning everyone will be writing their passwords down. Neither is good.

 

[FNGsam]

2.37 hours - Massive Cracking Array (No symbols)

If I add 1 symbol onto the password though it jumps up to 1.83 years!